[ubuntu/cosmic-proposed] libraw 0.18.8-2ubuntu1 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Wed May 16 18:06:12 UTC 2018
libraw (0.18.8-2ubuntu1) cosmic; urgency=medium
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/CVE-2018-10528.patch: parser possible
buffer overrun in src/libraw_cxx.cpp.
- CVE-2018-10528
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/CVE-2018-10529.patch: X3F property table list fix
in src/libraw_cxx.cpp, internal/libraw_x3f.cpp.
- CVE-2018-10529
Date: Wed, 16 May 2018 13:07:00 -0300
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libraw/0.18.8-2ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 16 May 2018 13:07:00 -0300
Source: libraw
Binary: libraw16 libraw-bin libraw-dev libraw-doc
Architecture: source
Version: 0.18.8-2ubuntu1
Distribution: cosmic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas S. Barbosa <leo.barbosa at canonical.com>
Description:
libraw-bin - raw image decoder library (tools)
libraw-dev - raw image decoder library (development files)
libraw-doc - raw image decoder library (documentation)
libraw16 - raw image decoder library
Changes:
libraw (0.18.8-2ubuntu1) cosmic; urgency=medium
.
* SECURITY UPDATE: Stack-based buffer overflow
- debian/patches/CVE-2018-10528.patch: parser possible
buffer overrun in src/libraw_cxx.cpp.
- CVE-2018-10528
* SECURITY UPDATE: Out-of-bounds read
- debian/patches/CVE-2018-10529.patch: X3F property table list fix
in src/libraw_cxx.cpp, internal/libraw_x3f.cpp.
- CVE-2018-10529
Checksums-Sha1:
04626b45105983fc69e673c716cffc2e96bfe1c5 2285 libraw_0.18.8-2ubuntu1.dsc
51b2637191b6d9dcd6fd84f2b9668db6318a1a83 22632 libraw_0.18.8-2ubuntu1.debian.tar.xz
c6d5b1687862ebfea67119292550791ad0ad08c6 5924 libraw_0.18.8-2ubuntu1_source.buildinfo
Checksums-Sha256:
badb8748ce78e15c74e22c7c5d9b7547d579a076b5e39386711279d3344bba64 2285 libraw_0.18.8-2ubuntu1.dsc
c562ae90a902ff19cfcac21947f65a93a83663857bd3c0beab2056a6ad23bf46 22632 libraw_0.18.8-2ubuntu1.debian.tar.xz
73935d5641c3a2f9e4f77ce3cbad8da5e454d4ea1451c7eba125081d4cb7e156 5924 libraw_0.18.8-2ubuntu1_source.buildinfo
Files:
ff91b4c56ba2302ca95a95a52b2124ae 2285 libs optional libraw_0.18.8-2ubuntu1.dsc
39c257391620deeddeb62e79def71830 22632 libs optional libraw_0.18.8-2ubuntu1.debian.tar.xz
272551b58f99267c0393d2119edf2600 5924 libs optional libraw_0.18.8-2ubuntu1_source.buildinfo
Original-Maintainer: Debian PhotoTools Maintainers <pkg-phototools-devel at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAlr8cpgACgkQZWnYVadE
vpNDWw/+IjhX8gOuyaVLmTwQV/TbF2btFNb3hAjNdiAp/DXa+2g89x+55bUDILFt
b4BdmCScnTkjhiVSy1nQz0wZ7/2nIFqeWclTw8QcqZUBC/DhodeKNsn1Cg1vXAHW
sNjDzEd6PpeJSDAFS3laDSc3fzyrhtAESbEXd53BQSIM8m1tJXFOJSxk5HFMQ7S5
x4ZXdAy9+dR0QG6WO7q40zD746/HOMABdj3Q90yDM/OTYGAfONpVP2DAPQeeY1i3
OkWZvAwQGVhkFMdcGC4NfgXMpXkr3M4I9fquNy037iHIvhN0N8A7y2og8pjZgD3Z
itYT1fWVBvc3vJ4bvuvSp/sEiqyDjInf4kcuXxg+U6Y9qPmplBWtLR74cyfoHKza
OJL3EVD7QzmSwtiyCIMbO9twYtrBX3haIGHE4UnkFR5nADkzAgKhbcenFLYbYOMC
Cl6XVv/KgdPaIcos7Z5Dt/I70ayylCa8e01g4n0fDiTXOaVEdBZ6tMAz2QZ9oR2h
Kz9STXqB5PFwFGQXIsWWgydOd/ve4QoVkboCTjO0Yix6GjEIk6nyaWuhVrtzklb3
P08XfpSblpRuaWIM+czDmkp/FFwoU5cSYATyULRfbi58JTWO2EGN3oWXUWk9yMma
m6ADVPAhRbT82C9Euk9/eJMe8cNe8PHLGIjFMNI1q98uArkJ/QA=
=KcW2
-----END PGP SIGNATURE-----
More information about the Cosmic-changes
mailing list